



在 WinDbg 调试时,只能读取并打印出 UserBuffer 缓冲区的第一个字符;执行到 IoCallDriver(s_nextobj[i], irp); 之后系统崩溃。
部分源码如下
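/*
 * Prints every byte of a write payload to the kernel debugger.
 * buf must be non-NULL and readable for len bytes.
 */
static VOID ccpDumpBytes(const UCHAR *buf, ULONG len)
{
    ULONG j;

    for (j = 0; j < len; j++)
    {
        DbgPrint("IRP_MJ_WRITE:%2x\r\n", buf[j]);
    }
}

/*
 * Dispatch routine shared by all filter device objects.
 *
 * Finds which entry of s_fltobj[] the IRP was sent to and forwards the
 * request to the matching lower device in s_nextobj[]. Power IRPs are
 * passed down untouched; for write IRPs the payload is dumped with
 * DbgPrint before the request is forwarded.
 *
 * device: filter device object that received the request.
 * irp:    the request.
 *
 * Returns the status of the lower driver for forwarded requests, or
 * STATUS_INVALID_PARAMETER when device is not one of our filter objects.
 */
NTSTATUS ccpDispatch(PDEVICE_OBJECT device, PIRP irp)
{
    // Current I/O stack location of this IRP.
    PIO_STACK_LOCATION irpsp = IoGetCurrentIrpStackLocation(irp);
    ULONG i;

    // First work out which serial port the request was sent to.
    for (i = 0; i < CCP_MAX_COM_ID; i++)
    {
        if (s_fltobj[i] != device)
        {
            continue;
        }

        // Power requests are never intercepted. On Windows 7 and later the
        // power-specific calls are not required.
        if (irpsp->MajorFunction == IRP_MJ_POWER)
        {
            // Tell the power manager this driver is ready for the next power IRP.
            PoStartNextPowerIrp(irp);
            // Skip our own stack location.
            IoSkipCurrentIrpStackLocation(irp);
            // Call the real device.
            return PoCallDriver(s_nextobj[i], irp);
        }

        if (irpsp->MajorFunction == IRP_MJ_WRITE)
        {
            // Length of the data being written.
            ULONG len = irpsp->Parameters.Write.Length;
            PUCHAR buf = NULL;
            // TRUE when buf is the raw caller-supplied pointer, which has not
            // been validated or locked by anyone.
            BOOLEAN from_user = FALSE;

            // Locate the payload: direct I/O (MDL), then neither I/O
            // (UserBuffer), then buffered I/O (SystemBuffer).
            if (irp->MdlAddress != NULL)
            {
                DbgPrint("buff MdlAddress\r\n");
                buf = (PUCHAR)MmGetSystemAddressForMdlSafe(irp->MdlAddress, NormalPagePriority);
            }
            else
            {
                DbgPrint("buff UserBuffer\r\n");
                buf = (PUCHAR)irp->UserBuffer;
                from_user = (BOOLEAN)(buf != NULL);
                // NOTE(review): if this branch is really taken for a serial
                // port, check that the filter device object copied
                // DO_BUFFERED_IO / DO_DIRECT_IO from the device it attached to
                // (attach code is not shown here). The I/O manager picks the
                // buffering method from the top device object, so a mismatch
                // could hand the lower driver a buffer type it does not expect.
            }
            if (buf == NULL)
            {
                DbgPrint("buff SystemBuffer\r\n");
                buf = (PUCHAR)irp->AssociatedIrp.SystemBuffer;
            }

            // Dump the payload.
            if (buf == NULL)
            {
                // All three sources were empty (or the MDL mapping failed);
                // reading through buf would fault in kernel mode.
                DbgPrint("IRP_MJ_WRITE: no buffer to dump\r\n");
            }
            else if (from_user)
            {
                // UserBuffer is an untrusted address: it may be invalid, may
                // point into kernel space, or may be unmapped while we read.
                // Probe it for user-mode requestors and contain any fault.
                // Assumes IRQL < DISPATCH_LEVEL and the requestor's process
                // context - TODO confirm for this stack.
                __try
                {
                    if (irp->RequestorMode != KernelMode)
                    {
                        ProbeForRead(buf, len, sizeof(UCHAR));
                    }
                    ccpDumpBytes(buf, len);
                }
                __except (EXCEPTION_EXECUTE_HANDLER)
                {
                    DbgPrint("IRP_MJ_WRITE: UserBuffer unreadable, status 0x%08lx\r\n",
                             (ULONG)GetExceptionCode());
                }
            }
            else
            {
                ccpDumpBytes(buf, len);
            }

            // Debug aid: expands to nothing in free builds. In a checked build
            // a kernel debugger should be attached before this line is reached.
            KdBreakPoint();
            DbgPrint("SEND IRP TO PORT%lu\r\n", i);
        }

        // Pass the request straight down to the lower device.
        IoSkipCurrentIrpStackLocation(irp);
        return IoCallDriver(s_nextobj[i], irp);
    }

    // The device object is not one of ours: fail the request.
    KdBreakPoint();
    irp->IoStatus.Information = 0;
    irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
    IoCompleteRequest(irp, IO_NO_INCREMENT);
    // The return value must match the status the IRP was completed with, and
    // irp must not be touched after IoCompleteRequest.
    return STATUS_INVALID_PARAMETER;
}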
NTSTATUS ccpDispatch(PDEVICE_OBJECT device, PIRP irp)
{
//获取当前堆栈
PIO_STACK_LOCATION irpsp = IoGetCurrentIrpStackLocation(irp);
//NTSTATUS status;
ULONG i, j;
//首先需要知道发送给了那个串口
for (i = 0; i < CCP_MAX_COM_ID; i++)
{
if (s_fltobj[i] == device)
{
//过滤电源操作,全都不进行截留,在win7及以后不需要调用电源操作
if (irpsp->MajorFunction == IRP_MJ_POWER)
{
/向电源管理器发出信号,即驱动程
序已准备好处理下一个电源 IRP/
PoStartNextPowerIrp(irp);
//跳过当前IRP栈空间.
IoSkipCurrentIrpStackLocation(irp);
//调用真实设备
return PoCallDriver(s_nextobj[i], irp);
}
if (irpsp->MajorFunction == IRP_MJ_WRITE)
{
//获取数据长度